Composer
首页 包列表 提交包 常见问题 关于

定制 enflow/oidconnect-laravel 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

enflow/oidconnect-laravel

Composer 安装命令:

composer require enflow/oidconnect-laravel

包简介

Open ID Connect client library for Laravel Framework

关键字:

# oauth # laravel # openidconnect

README 文档

README

The OpenIDConnect Laravel package is meant to provide you an opportunity to easily authenticate users using OpenID Connect protocol.

Latest Stable Version Latest Unstable Version Total Downloads License

Installation

To install this package you will need:

  • Laravel 5.4+
  • PHP 7.1+

Use composer to install

composer require furdarius/oidconnect-laravel:dev-master

Open config/app.php and register the required service providers above your application providers.

'providers' => [
    ...
    Laravel\Socialite\SocialiteServiceProvider::class,
    Furdarius\OIDConnect\ServiceProvider::class
    ...
]

If you'd like to make configuration changes in the configuration file you can pubish it with the following Aritsan command:

php artisan vendor:publish --provider="Furdarius\OIDConnect\ServiceProvider"

After that, roll up migrations:

php artisan migrate

Usage

Configuration

At first you will need to add credentials for the OpenID Connect service your application utilizes. These credentials should be placed in your config/opidconnect.php configuration file.

<?php

return [
    'client_id' => 'CLIENT_ID_HERE',
    'client_secret' => 'CLIENT_SECRET_HERE',
    'redirect' => env('APP_URL') . '/auth/callback',
    'auth' => 'https://oidc.service.com/auth',
    'token' => 'https://oidc.service.com/token',
    'keys' => 'https://oidc.service.com/keys',
];

Endpoints

Now, your app has auth endpoints:

  • GET /auth/redirect - Used to redirect client to Auth Service login page.
  • GET /auth/callback - Used when Auth Service redirect client to callback url with code.
  • POST /auth/refresh - Used by client for ID Token refreshing.

Middleware

You need to use Auth Middleware on protected routes. Open App\Http\Kernel and register middleware in $routeMiddleware:

protected $routeMiddleware = [
    'token' => \Furdarius\OIDConnect\TokenMiddleware::class
];

And then use it as usual:

Route::middleware('token')->get('/protected', function (Illuminate\Http\Request $request) {
    return "You are on protected zone";
});

User Auth

Create your own StatelessGuard and setup it in config/auth.php. Example:

Guard:

<?php

namespace App\Auth;

use Illuminate\Auth\AuthenticationException;
use Illuminate\Auth\GuardHelpers;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\Guard;
use Illuminate\Support\Traits\Macroable;

class StatelessGuard implements Guard
{
    use GuardHelpers, Macroable;

    /**
     * @return \Illuminate\Contracts\Auth\Authenticatable
     * @throws AuthenticationException
     */
    public function user()
    {
        if (null === $this->user) {
            throw new AuthenticationException('Unauthenticated user');
        }

        return $this->user;
    }

    /**
     * @param array $credentials
     * @return bool
     */
    public function validate(array $credentials = [])
    {
        return $this->user instanceof Authenticatable;
    }
}

Config (config/auth.php):

'defaults' => [
    'guard' => 'stateless',
    'passwords' => 'users',
],

...

'guards' => [
    'stateless' => [
        'driver' => 'stateless'
    ]
],

Then implement own Authenticator. Example:

<?php

namespace App\Auth;

use App\User;
use Furdarius\OIDConnect\Contract\Authenticator;
use Furdarius\OIDConnect\Exception\AuthenticationException;
use Lcobucci\JWT\Token\DataSet;

class PersonAuthenticatorAdapter implements Authenticator
{
    /**
     * @param DataSet $claims
     *
     * @return void
     */
    public function authUser(DataSet $claims)
    {
        $email = $claims->get('email');
        if (!$email) {
            throw new AuthenticationException('User\'s email not present in token');
        }

        $model = new User(['email' => $email]);

        \Auth::setUser($model);
    }
}

And implement auth guard service provider. Example:

<?php

namespace App\Auth;

use Furdarius\OIDConnect\Contract\Authenticator;
use Illuminate\Support\ServiceProvider;

class AuthenticatorServiceProvider extends ServiceProvider
{
    /**
     * Bootstrap any application services.
     *
     * @return void
     */
    public function boot()
    {
        \Auth::extend('stateless', function () {
            return new StatelessGuard();
        });
    }

    /**
     * Register any application services.
     *
     * @return void
     */
    public function register()
    {
        $this->app->singleton(Authenticator::class, function ($app) {
            return new PersonAuthenticatorAdapter();
        });
    }
}

Then register it in config/app.php:

'providers' => [
    ...
    App\Auth\AuthenticatorServiceProvider::class,
    ...
]

Now you can use \Auth::user(); for getting current user information.

统计信息

  • 总下载量: 525
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 2
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 28
  • 开发语言: PHP
访问仓库

其他信息

  • 授权协议: MIT
  • 更新时间: 2022-04-25